Re: Where I can find "SSL specification"?
| От | Martijn van Oosterhout |
|---|---|
| Тема | Re: Where I can find "SSL specification"? |
| Дата | |
| Msg-id | 20091105080844.GA11302@svana.org обсуждение исходный текст |
| Ответ на | Re: Where I can find "SSL specification"? (Raimon Fernandez <coder@montx.com>) |
| Список | pgsql-general |
On Thu, Nov 05, 2009 at 08:48:47AM +0100, Raimon Fernandez wrote: > Where can I find the steps to start an SSL connection with PostgreSQL ? > > The config files, certificates, etc. etc. must follow the same rules for > the libpq specification ? You follow the conventions of whatever SSL library you use. >> heck, you have to be a glutton to want to use libssl from openssl... >> there's something like 158 APIs and very little documentation on how >> to properly use them > > Doy you mean there's no 'easy' way to start-up an SSL connection from a > TCP/IP socket to postgresql ???? Sure, open up the documentation for the SSL library you want to use and find the function that lets you pass a open file descriptior. This function will handle the SSL startup for you and give you a handle for further communication. Personally I find the GnuTLS API to be much saner than openssl, in which case you just do: gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) FileDescriptor); /* Perform the TLS handshake */ ret = gnutls_handshake (session); See this example: http://www.gnu.org/software/gnutls/manual/html_node/Simple-client-example-with-anonymous-authentication.html#Simple-client-example-with-anonymous-authentication Hope this helps, -- Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/ > Please line up in a tree and maintain the heap invariant while > boarding. Thank you for flying nlogn airlines.
Вложения
В списке pgsql-general по дате отправления: